If you’ve read our password manager FAQs then you already know the importance of using a strong password for each and every online account at your disposal.
You will also know why it is important not to pick just one password and then keep on using it: if it gets revealed in a breach – and that is, alas, increasingly likely to happen these days – then a criminal would have access to everything.
You don’t want theft to happen.
So, you decide a password manager is essential – good choice – but don’t know which one to go with.
That’s what our reviews are here for, so let’s find out whether the ever-popular LastPass should be worthy of your consideration.
The first thing to note about LastPass is the fact that there are 3 different versions: free, premium and enterprise.
For $12 per year, LastPass Premium offers unlimited synching across any number of mobile and desktop services, additional multi factor authentication options, desktop application passwords and the ability to share password-protected folders between up to 5 users.
Business users may wish to check out the LastPass Enterprise which adds the same features as Premium, as well as a centralised administrator’s console, single sign-on and security policies and reports.
But, for the purpose of this review, we shall be looking at the version most suited to everyday users – the free version of LastPass.
So, what do you get for nothing?
The feature set of the basic version includes:
- unlimited storage of passwords and secure notes
- automatic backup and synching for one device
- automated filling of login credentials and forms
- Security Challenge password audit
- Multi factor authentication and one time passwords
Setting Up LastPass
Setting up LastPass is quite easy.
If you have never used the service before you’ll need to create a new account as part of the installation service.
The key thing to remember here concerns the choice of a master password.
As I’m sure you are already aware, the whole point of a password manager is to enable you to create complex, and different, passwords for all your accounts while only having to remember one master set of login credentials.
So, remember to make your master password fiendishly difficult to crack – a healthy mixture of letters, numbers and symbols, wrapped up into something long that bears no resemblance to a real word is what you are looking for.
When you’ve come up with something suitable be sure to remember it – LastPass will remind you of the fact that no-one their end can retrieve the password for you should you ever forget it.
As harsh as that may sound, it’s for your own protection as it means no-one else will be able to get hold of your login credentials, including law enforcement, with or without a warrant.
At this point you may also want to take advantage of the two factor authentication on offer. In fact, I would positively encourage you to do so as it means a hacker still wouldn’t be able to access your password vault even if they did somehow manage to get hold of your master password.
Continuing with the installation process, you will also be offered the opportunity to import passwords from your browser (Internet Explorer, Chrome or Firefox). I highly recommend taking advantage of the feature as browser password storage isn’t all that secure.
Next up, you can install the LastPass plugin into your browser (Mac fans will be pleased to see this is available for Safari and Opera is also covered too).
Talking of Mac users (and those of you who have multiple PCs), the free version of LastPass offers you the ability to synch your data between all of your machines. You can also synch to phones as well, though only one of each type of device, unless you opt for the premium upgrade.
Much like every other password you could consider, LastPass records your usernames and passwords every time you sign up to a new website or acquire a new account somewhere online.
More than that, LastPass can also suggest new passwords for you, and its suggestions can be extremely long and complex. In fact, you decide the password length and then let the software take care of the rest for you.
When you later revisit that site, the program can automatically enter your data for you, saving you not only the hassle of typing, but also the headache of remembering all of those passwords!
If, for some reason, you have more than one set of login credentials for a site, LastPass will allow you to choose the correct one for that session from a menu.
For even more convenience, LastPass has a browser button which allows you to view a menu of all your saved sites. You may even categorise them if you wish, or let LastPass do that for you.
Got hundreds of passwords? Don’t worry, LastPass even has a search function so you can find your saved sites in no time at all.
Lastly, beyond passwords, the program has even more functionality, acting as an assistant when it comes to filling in web forms.
You can create all manner of profiles from which LastPass can then fill in your personal data (name, address email address, etc.) where appropriate.
Click on a field in a web form and LastPass will offer to save the info you’ve just entered into it.
Security And Privacy
LastPass encrypts your data as it travels to and from its servers and, as mentioned earlier, only you can unlock that encryption – with your master password.
Talking of which, if you are concerned that someone may try to steal your master password via a keylogger installer on your system (you do have antivirus software installed to block that, right?), you can set your mind at rest by using virtual keyboard built into LastPass.
For those of you who are slightly more paranoid, this password manager allows you to create sets of one time passwords which, as the name suggests, cannot be used more than the once. If someone captures that password, or peers over your shoulder, it will do them no good whatsoever.
So, now you have LastPass helping you create epic and unique passwords for every new site you visit, what to do about all those poor passwords you had before you installed the software?
Fortunately, that’s covered too.
The LastPass Security Challenge rummages around those passwords and gives them a score. The lower the score, the more pressing the need to change them!
Issues such as weak passwords and duplicated passwords are all highlighted.
Additionally, LastPass will also take a sly look at your email addresses (but not your email, don’t worry!) and will report back if it discovers any of them may have been compromised in a data breach. Nice feature.
LastPass is an excellent password manager.
It isn’t as easy on the eye as some commercial alternatives but it is certainly sexier than many open source alternatives.
The program allows complex passwords to be created and saved, saves time on filling in web forms and has a raft of additional security features for your peace of mind.
Overall, there’s not much to not like and it’s free.
That’s why LastPass is the password manager I personally use on all my Windows machines.